Windows Server hardening Checklist

Windows Server hardening Checklist

Tasks to be performed

Check whether the password of the server is complex and if it is not complex then update the client to update the password to be complex

Check what all ports are open for the IP that client has raised the issue, may be any issue and if any file sharing ports like 135, 139 and 445 are open check with client and close the file sharing ports.

Check whether the anti-virus is installed in the server.

Check the event viewer and if there are hits in the event viewer then update him to restrict his server IP to static IP or atleast change the server RDP port or any other port to custom port.

Check whether the windows updates are installed regularly.

Check his users list and if you find guest user enabled immediately disable the user and if you find many FTP or server users ask him to put the strong password specially for the users in RDP and administrator group.

Check what all users are having administrator rights and RDP permissions.

Check the page file size and it should be system managed atleast.

Check whether the time is syncing from our NTP or not.

If Vmware VM is there then check whether the Vmware tools and NIC card is vmnex3 adapter is there are not.

current configuration of server and future performance issue as per trend analysis

Highlight any pirated, suspicious or third party software and un-install those with customer approval